Bug 769530

Summary: SELinux prevents ssh-keygen to access public ssh key
Product: Red Hat Enterprise Linux 6 Reporter: Marko Myllynen <myllynen>
Component: selinux-policyAssignee: Miroslav Grepl <mgrepl>
Status: CLOSED DUPLICATE QA Contact: Miroslav Vadkerti <mvadkert>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 6.2CC: dwalsh, mmalik, mvadkert, pcfe
Target Milestone: rcKeywords: Regression
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2012-01-11 13:38:32 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description Marko Myllynen 2011-12-21 08:40:48 UTC 
Description of problem:
After upgrading to RHEL 6.2 I started to see this issue on NFS mounted home:

$ sudo getenforce
Enforcing
$ ssh-keygen -l -f /home/testuser/.ssh/id_dsa.pub
/home/testuser/.ssh/id_dsa.pub: Permission denied
$ sudo setenforce 0
$ ssh-keygen -l -f /home/testuser/.ssh/id_dsa.pub
1024 .... /home/testuser/.ssh/id_dsa.pub (DSA)

While enforcing and running ssh-keygen nothing is being printed to /var/log/secure / /var/log/messages / /var/log/audit/audit.log. This used to work all ok on RHEL 6.0 / RHEL 6.1.

Version-Release number of selected component (if applicable):
selinux-policy-3.7.19-126.el6
Comment 3 Miroslav Grepl 2012-01-11 13:38:32 UTC 

*** This bug has been marked as a duplicate of bug 755877 ***